The branch stable/13 has been updated by olce:
URL:
https://cgit.FreeBSD.org/src/commit/?id=f8e47b137a80ca4c3e8d932d1b4b8f89c3d02942
commit f8e47b137a80ca4c3e8d932d1b4b8f89c3d02942
Author: Olivier Certner <o...@freebsd.org>
AuthorDate: 2024-10-08 10:06:55 +0000
Commit: Olivier Certner <o...@freebsd.org>
CommitDate: 2025-01-17 12:24:52 +0000
mountd(8): parsecred(): Re-order operations for clarity
No functional change (intended).
Reviewed by: rmacklem (older version)
Approved by: markj (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47015
(cherry picked from commit a20d50245f280be404cb8e3b5c9d570ded9594b9)
---
usr.sbin/mountd/mountd.c | 53 ++++++++++++++++++++++++------------------------
1 file changed, 27 insertions(+), 26 deletions(-)
diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
index 8ddedbb16f24..ac1a652f349e 100644
--- a/usr.sbin/mountd/mountd.c
+++ b/usr.sbin/mountd/mountd.c
@@ -3573,21 +3573,14 @@ parsecred(char *namelist, struct expcred *cr)
char *name;
char *names;
struct passwd *pw;
- struct group *gr;
gid_t groups[NGROUPS_MAX + 1];
int ngroups;
unsigned long name_ul;
char *end = NULL;
/*
- * Set up the unprivileged user.
- */
- cr->cr_groups = cr->cr_smallgrps;
- cr->cr_uid = UID_NOBODY;
- cr->cr_groups[0] = nogroup();
- cr->cr_ngroups = 1;
- /*
- * Get the user's password table entry.
+ * Parse the user and if possible get its password table entry.
+ * 'cr_uid' is filled when exiting this block.
*/
names = namelist;
name = strsep_quote(&names, ":");
@@ -3596,13 +3589,25 @@ parsecred(char *namelist, struct expcred *cr)
pw = getpwnam(name);
else
pw = getpwuid((uid_t)name_ul);
+ if (pw != NULL) {
+ cr->cr_uid = pw->pw_uid;
+ } else if (*end != '\0' || end == name) {
+ syslog(LOG_ERR, "unknown user: %s", name);
+ cr->cr_uid = UID_NOBODY;
+ goto nogroup;
+ } else {
+ cr->cr_uid = name_ul;
+ }
+
/*
- * Credentials specified as those of a user.
+ * Credentials specified as those of a user (i.e., use its associated
+ * groups as specified in the password database).
*/
if (names == NULL) {
if (pw == NULL) {
- syslog(LOG_ERR, "unknown user: %s", name);
- return;
+ syslog(LOG_ERR, "no passwd entry for user: %s, "
+ "can't determine groups", name);
+ goto nogroup;
}
cr->cr_uid = pw->pw_uid;
ngroups = NGROUPS_MAX + 1;
@@ -3617,20 +3622,14 @@ parsecred(char *namelist, struct expcred *cr)
memcpy(cr->cr_groups, groups, ngroups * sizeof(gid_t));
return;
}
+
/*
- * Explicit credential specified as a colon separated list:
+ * Explicit credentials specified as a colon separated list:
* uid:gid:gid:...
*/
- if (pw != NULL) {
- cr->cr_uid = pw->pw_uid;
- } else if (*end != '\0' || end == name) {
- syslog(LOG_ERR, "unknown user: %s", name);
- return;
- } else {
- cr->cr_uid = name_ul;
- }
cr->cr_ngroups = 0;
while (names != NULL && *names != '\0') {
+ const struct group *gr;
gid_t group;
name = strsep_quote(&names, ":");
@@ -3650,14 +3649,16 @@ parsecred(char *namelist, struct expcred *cr)
}
groups[cr->cr_ngroups++] = group;
}
- if (cr->cr_ngroups == 0) {
- /* cr->cr_groups[0] filled at start with nogroup(). */
- cr->cr_ngroups = 1;
- return;
- }
+ if (cr->cr_ngroups == 0)
+ goto nogroup;
if (cr->cr_ngroups > SMALLNGROUPS)
cr->cr_groups = malloc(cr->cr_ngroups * sizeof(gid_t));
memcpy(cr->cr_groups, groups, cr->cr_ngroups * sizeof(gid_t));
+ return;
+
+nogroup:
+ cr->cr_ngroups = 1;
+ cr->cr_groups[0] = nogroup();
}
#define STRSIZ (MNTNAMLEN+MNTPATHLEN+50)
